1. Field of the Invention
The present invention relates to inter-process communications (IPC). More particularly, the present invention relates to using digital certificates to secure inter-process communications.
2. Background Information
A need exists to secure inter-process communications. Currently, communications security efforts are often directed to authenticating the identity of a person involved in a communications session. However, inter-process communications occur between processes rather than persons. For example, inter-process communications are typically communications that involve one process controlling another process or communications that involve two processes sharing common data and/or a common memory. Accordingly, security efforts for inter-process communications are typically limited to obtaining an address for a computer supporting a particular process. However, computers can be co-opted, such that obtaining a computer's address is not a guarantee that inter-process communications to or from the computer are secured.
As another example, when a user interacts with an application server over the internet, a process running on the application server may request the services of a process running on a back-end server. The security of the inter-process communications is conventionally limited to obtaining the address of the application server and the back end server. However, obtaining the address of the application server and/or the back end server is not a guarantee that inter-process communications between the application server and the back end server are secured. Rather, as described above, such inter-process communications are susceptible to corruption when either computer is co-opted.
As yet another example, so called “peer-to-peer” networks involve unmanaged and unmonitored computers that each have similar capabilities and responsibilities (in contrast to, e.g., client/server networks). Inter-process communications are particularly susceptible to abuse in a peer-to-peer network because communications are often not monitored by network administrators or network monitors. Rather, users are often trusted to manage their own security. However, due to the nature of inter-process communications, users may not even be aware when inter-process communications occur between their computer and another computer in a peer-to-peer network, let alone whether such inter-process communications are secure.
Accordingly, a need exists to secure inter-process communications.